Visa’s Value Added Services (VAS) organization is seeking a Cybersecurity Engineer to enhance security operations, testing processes, and governance efforts within the Regional Solutions Product Development (RSDP) team. This role plays a key part in ensuring Visa's applications and services maintain the highest levels of security and compliance. The Cybersecurity Engineer will report directly to the VAS Security Lead and work closely with cross-functional teams to address security vulnerabilities, enforce security policies, and improve risk management processes.
Key Responsibilities
Security Governance & Compliance
- Oversee all security governance activities for RSDP, ensuring adherence to Visa’s security policies.
- Maintain and update the RSDP Security Dashboard with real-time security findings and compliance statuses.
- Participate in exception reconciliation meetings with Information Security Assurance and contribute to remediation planning.
Security Testing & Vulnerability Management
- Coordinate the scheduling and execution of security tests, including CheckMarx, Qualys, Nexus IQ, and penetration testing (Pentests).
- Analyze findings from security tools such as Qualys, CheckMarx, Sonatype, and Prisma Cloud, ensuring timely dissemination to project teams.
- Work closely with development teams to address and resolve high, medium, and low-risk security vulnerabilities.
Risk & Audit Management
- Assist in drafting security exception reports, escalating unresolved issues, and tracking open audit findings.
- Conduct regular control reviews to proactively identify security weaknesses and prevent potential audit findings.
- Collaborate with internal and external auditors to ensure compliance with industry regulations and best practices.
Reporting & Communication
- Prepare and distribute security reports on a weekly, monthly, and ad-hoc basis for various stakeholders, including executive management.
- Maintain effective communication with Directors, Executive Management, and Product Development teams to facilitate timely security resolutions.
- Utilize JIRA and other ticketing systems to track and manage security findings and exception requests.
Required Qualifications
Technical Expertise
- Minimum 8+ years of experience in cybersecurity, risk analysis, or IT security auditing.
- Strong background in Secure Software Development Life Cycle (SSDLC) and secure coding principles.
- In-depth knowledge of penetration testing methodologies and tools.
- Hands-on experience with code review tools, security scanning, and static code analysis tools.
- Proficiency in working with MS Office applications (Excel, PowerPoint, Word, SharePoint) and document control systems.
- Familiarity with open-source vulnerability management and compliance frameworks.
Security Standards & Compliance
- Strong understanding of COBIT, FFIEC, Sarbanes-Oxley (SOC), PCI-DSS, SSAE 16, and related security regulations.
- Familiarity with OWASP Top 10, SANS Top 20 Critical Security Controls, and NIST frameworks.
- Ability to influence and implement security controls, risk assessments, and governance processes.
Soft Skills & Competencies
- Excellent analytical and problem-solving abilities with a detail-oriented mindset.
- Strong communication skills (both verbal and written) for effectively collaborating with technical and non-technical stakeholders.
- Ability to work independently, manage multiple projects, and meet deadlines with minimal supervision.
- Proven experience in project management with exposure to Agile and DevSecOps environments.
- Passion for cybersecurity, with a proactive approach to raising security concerns and proposing solutions.
Preferred Certifications
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
Additional Information
This is a hybrid role, requiring employees to work from the office 2-3 days a week based on business needs. Visa is committed to fostering an inclusive and diverse work environment and encourages candidates from all backgrounds to apply. We are an Equal Opportunity Employer, ensuring all qualified applicants receive fair consideration without regard to race, color, religion, gender, national origin, sexual orientation, gender identity, disability, or veteran status.
Join Visa today and be a part of a mission-driven company that is shaping the future of secure digital payments!